Facebook taps into NFC in Android phones for strong account security

Facebook taps into NFC in Android phones for strong account security

We hear a lot about 2-factor authentication these days, an invaluable way to protect your account from someone who has stolen your password, but there’s an inherent wrinkle built into the system: SMS. Most 2FA setups use text messages to deliver a one-time code sent to your phone, but there can be issues with that system. For one, it requires a cell connection, and for another texts can be intercepted.

Granted, this is a small window of opportunity for hackers, but Facebook wants to close it all the way. To secure accounts even further, it has begun rolling out support for security keys into its account login protection, eliminating SMS from the equation and letting users lock down their accounts with a fast, foolproof 2FA method. And for Android users with one of the newer NFC-capable phones, it’s even easier.

“Starting today, you can register a physical security key to your account so that the next time you log in after enabling login approvals, you’ll simply tap a small hardware device that goes in the USB drive of your computer,” Facebook security engineer Brad Hill wrote in a post. “Your login is practically immune to phishing because you don’t have to enter a code yourself, and the hardware provides cryptographic proof that it’s in your machine.”

facebook nfc Facebook

If you have an NFC-equipped Android phone, you can use a YubiKey Neo to instantly authenticate your Facebook account.

Since it’s a new feature, it only works with the latest version of Chrome or Opera on a PC, and isn’t yet supported by the mobile Facebook app. However, as xHill writes, if you have an NFC chip in your Android phone, you can download the latest version of Chrome and Google Authenticator in the Play Store to use your key to wirelessly unlock your account.

Yubico’s security keys start at $18, but the NFC-equipped Yubikey Neo costs $50. However, they aren’t just useful for Facebook. Security keys work with a variety of accounts, including Google, Dropbox, and GitHub, though the implementation may vary, especially over NFC.

The impact on you at home: Securing online accounts should be a top priority for anyone who posts and shares personal information over social media or email (which is pretty much everyone), but far too few people understand just how important it is. While it’s unlikely that this method will have an immediate measurable effect on Facebook users, it’s a glimpse at how serious the social media giant is about security, and how two-factor authentication could become much more commonplace in the future. 

IDG Insider

PREVIOUS ARTICLE

«Obsidian unveils Pillars of Eternity II: Deadfire with a crowdfunding campaign

NEXT ARTICLE

Dauntless hands-on preview: Bringing the thrill of monster hunting to PCs»
author_image
IDG Connect

IDG Connect tackles the tech stories that matter to you

Add Your Comment

Most Recent Comments

Our Case Studies

IDG Connect delivers full creative solutions to meet all your demand generatlon needs. These cover the full scope of options, from customized content and lead delivery through to fully integrated campaigns.

images

Our Marketing Research

Our in-house analyst and editorial team create a range of insights for the global marketing community. These look at IT buying preferences, the latest soclal media trends and other zeitgeist topics.

images

Poll

Should companies have Bitcoins on hand in preparation for a Ransomware attack?